PT-2019-15010 · V Zug · V-Zug Combi-Steam Mslq

Publicado

2019-10-06

Atualizado

2019-10-10

CVE-2019-17217

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions V-Zug Combi-Steam MSLQ devices versions before Ethernet R07 and before WLAN R05

Description An issue was discovered where there is no CSRF protection established on the web service, potentially allowing for unauthorized actions.

Recommendations For V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05, update to Ethernet R07 or WLAN R05 or later to establish CSRF protection on the web service.

Correção

CSRF

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-352

Identificadores relacionados

CVE-2019-17217

Produtos afetados

V-Zug Combi-Steam Mslq

PT-2019-15010 · V Zug · V-Zug Combi-Steam Mslq

CVE-2019-17217

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3